Docker Network Operations
Internal
Overview
List Networks
docker network ls
Get Detailed Information about a Network
docker network inspect <network-name>
The containers listed in the "Containers" list are connected (plugged into) to the network.
[
{
"Name": "bridge",
"Id": "3c9a92ee1a7d1d4208e7f924343b85d1af9152ea3d02634c48007d27103f9d36",
"Created": "2018-04-30T20:12:12.943677437-07:00",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": null,
"Config": [
{
"Subnet": "172.17.0.0/16",
"Gateway": "172.17.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"4e5c55294dcc0b4274c73639268c2a570c1e0cae0819ea2fbe21f58d7fdbeba5": {
"Name": "alpine1",
"EndpointID": "779600189ed5197e2ab2fb081f0e5d71d4348bc9af096c8ee77b83c7500afef3",
"MacAddress": "02:42:ac:11:00:02",
"IPv4Address": "172.17.0.2/16",
"IPv6Address": ""
},
"e3092a676f3d9ace791fd7ebb297b71950f1bbd3abe0383f6c7ad78d1fd76523": {
"Name": "alpine2",
"EndpointID": "f060429bfcaf8b2af04f071d88cd886b2a4e352a032ac9e2b2c98f40fb0dc759",
"MacAddress": "02:42:ac:11:00:03",
"IPv4Address": "172.17.0.3/16",
"IPv6Address": ""
}
},
"Options": {
"com.docker.network.bridge.default_bridge": "true",
"com.docker.network.bridge.enable_icc": "true",
"com.docker.network.bridge.enable_ip_masquerade": "true",
"com.docker.network.bridge.host_binding_ipv4": "0.0.0.0",
"com.docker.network.bridge.name": "docker0",
"com.docker.network.driver.mtu": "1500"
},
"Labels": {}
}
]
Create a New User-Defined Bridge Network
Command creates a user-defined bridge network:
docker network create \ [--driver=bridge] \ [--subnet=172.29.0.0/16] \ [--ip-range=172.28.5.0/24 ] \ [--gateway=172.29.5.253] \ <user-defined-bridge-network-name>
Example:
docker network create --driver=bridge green
docker network ls NETWORK ID NAME DRIVER SCOPE ... 663b4388fb68 green bridge local
Remove a User-Defined Bridge Network
docker network rm <user-defined-bridge-network-name>
Note that containers need to be disconnected first from the network being removed.
Connect a Container to a Network
At Container Creation Phase
When a container is created with docker create, one more more --network flags can be specified. Docker will use this information to connect the container to the specified network(s).
docker create --name <container-name> \ --network <network-name> \ --publish <host-port>:<container-port> \ ...
When the Container is Running
The container can be connected dynamically to a network while it is running:
docker network connect <network-name> <container-name>
Disconnect a Container from a Network
docker network disconnect <network-name> <container-name>
Enable IP Forwarding from Containers on the Default Bridge
By default, IP forwarding from containers connected to the default bridge is not enabled. To enabled it:
1. Configure the Linux kernel on the Docker host to allow forwarding.
2. Change the iptables FORWARD policy from DROP to ACCEPT:
sudo iptables -P FORWARD ACCEPT
These settings do not persist across a reboot, so in order to survive, they need to be added to a script.